mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-04 17:24:45 +00:00
Code Activity
Files
0384b3ffd210f9104bbaadbe014f0a377fd4fb6d
Mole/.github/workflows/release.yml
Tw93 0384b3ffd2 Supplemental Security Audit Report
2025-12-11 15:18:04 +08:00

104 lines
3.1 KiB
YAML
Raw Blame History

name: Release
on:
push:
tags:
- 'V*'
permissions:
contents: write
jobs:
build-release:
runs-on: macos-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "1.24.6"
cache: true
- name: Build Universal Binary for disk analyzer
run: ./scripts/build-analyze.sh
- name: Build Universal Binary for system status
run: ./scripts/build-status.sh
- name: Update Security Audit Metadata
run: |
TAG=${GITHUB_REF#refs/tags/}
VERSION=${TAG#V} # Remove 'V' prefix if present
DATE=$(date +'%B %d, %Y')
# Update Date and Audited Version in SECURITY_AUDIT.md
sed -i "s|^**Date:**.*|**Date:** $DATE|" SECURITY_AUDIT.md
sed -i "s|^**Audited Version:**.*|**Audited Version:** $VERSION|" SECURITY_AUDIT.md
echo "Updated SECURITY_AUDIT.md with Date: $DATE and Version: $VERSION"
- name: Verify binary is valid
run: |
if [[ ! -x bin/analyze-go ]]; then
echo "Error: bin/analyze-go is not executable"
exit 1
fi
if [[ ! -x bin/status-go ]]; then
echo "Error: bin/status-go is not executable"
exit 1
fi
echo "Binary info:"
file bin/analyze-go
ls -lh bin/analyze-go
file bin/status-go
ls -lh bin/status-go
echo ""
echo "✓ Universal binary built successfully"
- name: Commit binaries for release
run: |
git config user.name "Tw93"
git config user.email "tw93@qq.com"
git add bin/analyze-go bin/status-go SECURITY_AUDIT.md
if git diff --staged --quiet; then
echo "No changes to commit"
else
git commit -m "chore: update binaries and security audit for ${GITHUB_REF#refs/tags/}"
git push origin HEAD:main
fi
update-formula:
runs-on: ubuntu-latest
needs: build-release
steps:
- name: Extract version from tag
id: tag_version
run: |
TAG=${GITHUB_REF#refs/tags/}
VERSION=${TAG#V}
echo "tag=$TAG" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Releasing version: $VERSION (tag: $TAG)"
- name: Update Homebrew formula
uses: mislav/bump-homebrew-formula-action@v3
with:
formula-name: mole
formula-path: Formula/mole.rb
homebrew-tap: tw93/homebrew-tap
tag-name: ${{ steps.tag_version.outputs.tag }}
commit-message: |
mole ${{ steps.tag_version.outputs.version }}
Automated release via GitHub Actions
env:
COMMITTER_TOKEN: ${{ secrets.PAT_TOKEN }}
- name: Verify formula update
if: success()
run: |
echo "✓ Homebrew formula updated successfully"
echo " Version: ${{ steps.tag_version.outputs.version }}"
echo " Tag: ${{ steps.tag_version.outputs.tag }}"
View Git Blame Copy Permalink